SSO Login Question

We have SSO configured between a client Salesforce environment and BPCC. When a user logs on to Salesforce the BPCC widget that sits within SFDC, logs you on to BPCC automatically. However, if a user launches the BPCC application BEFORE logging on to SFDC they are prompted for their BPCC username and password.

The client would like ensure that users cannot log on using their BPCC credentials. Is there a way to configure this which would allow us to also support users (such as application team members) that do not have access to the client SFDC instance?

1 Like

HI Tim,
great question. Actually i think there is way to do it, but it’ll require you to redo the SSO. In short - you need to setup an SSO not under Salesforce integration settings, but in the Integrations, set up SAML SSO with Salesforce and enable it. - that will force everyone to go to over SSO (except for the user who has a privilege of bypassing SSO).

On Salesforce side you’ll need to remove sfLogin parameter from the url and change the settings under Connected apps in SAML section (ACS URL) to https:///agentdesktop/sso/redirect

I’d open ticket with BP support and let them verify if that will work

Thanks Ivan, I’ve opened #27823 for this.